GTranslate < 2.8.52 – Unauthenticated Reflected Cross Site Scripting (XSS) | CVE 2020-11930

Description

The GTranslate plugin before 2.8.52 for WordPress was vulnerable to an Unauthenticated Reflected XSS vulnerability via a crafted link. This requires use of the hreflang tags feature within a sub-domain or sub-directory paid option.

The vulnerability was due to outputting the WordPress add_query_arg function without prior escaping.

Proof of Concept

http://www.example.com/does_not_exist"><script>alert('XSS')</script><img src=x

Affects Plugins

gtranslate

Fixed in 2.8.52

References

CVE

CVE-2020-11930

URL

https://payatu.com/blog/gaurav/analysis-of-cve-2020-11930:-reflected-xss-in-gtranslate-wordpress-module

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

CVSS

4.3 (medium)

Miscellaneous

Original Researcher

Gaurav

Submitter

Gaurav

Submitter twitter

4auvar

Verified

WPVDB ID

41dfddb3-0901-4135-9e50-0aa39a851916

Timeline

Publicly Published

2020-04-20 (about 6 years ago)

Added

2020-04-20 (about 6 years ago)

Last Updated

2020-05-20 (about 5 years ago)

Other

Published

Title

Published

2022-07-26

Title

Feed Them Social < 3.0.1 - Reflected Cross-Site Scripting

Published

2023-04-07

Title

WPGlobus Translate Options < 2.2.0 - Reflected XSS

Published

2024-12-20

Title

real.Kit <= 5.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2017-04-12

Title

Multiple BestWebSoft Plugins - Authenticated Cross-Site Scripting (XSS)

Published

2024-03-25

Title

Woo Viet < 1.5.3 - Authenticated (Administrator+) Stored Cross-Site Scripting